<?php
/*
   Copyright 2010, Sanket Parab

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
   
   This is a Test User Interface meant for demo purposes.
 */

$access_level = 0;
$page_title = 'eTAT: Administrator Console';
require_once 'controller.php';

if(isset($_POST['admin_create_submit'])) {
	$password = makePassword($_POST['admin_password']);
	$query = mysql_query("INSERT INTO `instructor` VALUES (NULL,'{$_POST['admin_full_name']}','{$_POST['admin_email']}','$password','3')") or die(mysql_error());
	redirect('admin.php');
}

if(isset($_POST['admin_login_submit'])) {
	$password = makePassword($_POST['admin_password']);
	$query = mysql_query("SELECT * FROM `instructor` WHERE `email` = '{$_POST['admin_email']}' AND `password` = '$password' AND `permission` = '3'");
	$result = mysql_fetch_object($query);
	if($result) {
		$_SESSION['admin'] = $result;
		redirect('admin.php');
	} else {
		redirect('admin.php?m=2');
	}
}

if(isset($_POST['admin_logout_submit'])) {
	$_SESSION['admin'] = false;
	redirect('admin.php');
}

if(isset($_POST['new_user_submit'])) {
	$sql = mysql_query("INSERT INTO `instructor` VALUES
		(NULL, NULL,'{$_POST['new_email']}',NULL,'1');") or die(mysql_error());
	//@TODO: send email to user
	redirect('admin.php');
}
require_once 'header.php';

$check = mysql_query("SELECT * FROM `instructor` WHERE `permission` = '3'");
if(!mysql_fetch_row($check)) { ?>
	<h1>Administrator Console</h1>
		<p>Looks like this is your first time at using eTAT.</p>
		<p>Start by creating an Administrator Account that can manage the rest of the user accounts:</p><br>
		<?php
		$form = new Form('new_admin_form','post');
		$form->textInput('admin_full_name','Admin Full Name');
		$form->textInput('admin_email','Admin Email Address');
		$form->textInput('admin_password','Admin Password',array('type'=>'password'));
		$form->button('admin_create_submit','Create',array('type'=>'submit'));
		print $form->build();
		?>
<?php
} else {
?>
<?php if($_SESSION['admin'] == false) {?>
<h1>Administrator Console</h1>
<form name='admin-login' method='post'>
	<?php
		$form = new Form('admin_login_form','post');
		$form->textInput('admin_email','Email Address');
		$form->textInput('admin_password','Password',array('type'=>'password'));
		$form->button('admin_login_submit','Login',array('type'=>'submit'));
		print $form->build();
	?>
</form>
<?php
} else {
	$query = mysql_query("SELECT * FROM `instructor`");
	while($r = mysql_fetch_object($query))
		$users[] = $r;
?>
<h1>Administrator Console</h1>
	<?php
		$form = new Form('admin_logout_form','post');
		$form->text('Welcome, '.$_SESSION['admin']->full_name.' ');
		$form->button('admin_logout_submit','Logout',array('type'=>'submit'),false);
		print $form->build();
	?>
<br />

<p><b>User List:</b></p><br />
<ul>
	<?php
		$form = new Form('new_user','post',true,array('class'=>'invisible'));
		$form->textInput('new_email','Gmail Address');
		$form->button('new_user_submit','Submit',array('type'=>'submit'),false);
		if(count($users) > 1) {
			foreach($users as $u) {
				if($u->permission == '1' && $u->permission != '3') {
					$key = base64_encode($u->email);
					print "<li>$u->email (Invitation sent) <a href='register.php?k=$key'>[link]</a></li>";
				} else if($u->permission == '2' && $u->permission != '3')
					print "<li>$u->full_name ($u->email)</li>";
			}
			print '<br>';
			print button('add_new_user','Add a New User',array('type'=>'button','onclick'=>'javascript:$(this).toggleClass("invisible");$("#new-user").toggleClass("invisible");$("#new-email").focus();'),false);
			$form->button('new_user_cancel','Cancel',array('type'=>'button','onclick'=>'javascript:$("#add-new-user").toggleClass("invisible");$("#new-user").toggleClass("invisible")'),false);
			print $form->build();
		} else {
			print "<p>There are currently no users in the eTAT Application. Start by adding one below:<br><br>";
			$form->setClass('visible');
			print $form->build();

		}
	?>
</ul>

<?php } } ?>
<div class='clear'></div>
<?php require_once 'footer.php'; ?>